- The MAILING DATE of this communication appears on the cover sheet with the correspondence address -
Period for Reply

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM
THE MAILING DATE OF THIS COMMUNICATION.

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133).
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status

1) [X] Responsive to communication(s) filed on 01 June 2005.
2a) [ ] This action is FINAL. 2b) [X] This action is non-final.
3) [ ] Since this application is in condition for allowance except for formal matters, prosecution as to the merits is
closed in accordance with the practice under Ex parte Quayle, 1935 C.D. 11, 453 O.G. 213.

Disposition of Claims

4) [X] Claim(s) 1-21 and 23-32 is/are pending in the application.
4a) Of the above claim(s) ___ is/are withdrawn from consideration.
5) [ ] Claim(s) ___ is/are allowed.
6) [X] Claim(s) 1-21 and 23-32 is/are rejected.
7) [ ] Claim(s) ___ is/are objected to.
8) [ ] Claim(s) ___ are subject to restriction and/or election requirement.

Application Papers

9) [ ] The specification is objected to by the Examiner.
10) [X] The drawing(s) filed on 18 October 2004 is/are: a) [X] accepted or b) [ ] objected to by the Examiner.
Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a).
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d).
11) [ ] The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152.

Priority under 35 U.S.C. § 119

12) [ ] Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f).
a) [ ] All b) [ ] Some * c) [ ] None of:
1. [ ] Certified copies of the priority documents have been received.
2. [ ] Certified copies of the priority documents have been received in Application No. ___.
3. [ ] Copies of the certified copies of the priority documents have been received in this National Stage
application from the International Bureau (PCT Rule 17.2(a)).
* See the attached detailed Office action for a list of the certified copies not received.

Detailed Action

This office action is in response to the correspondence received on June 1, 2005. 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set
forth in section 102 of this title, if the differences between the subject matter sought to be patented and
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

Claims 1-21 and 23-32 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Coss et al (US Pat No: US006098172A), in view of Minear et al (US 
Pat No: US005983350A), hereafter referred to as Coss in view of Minear, respectively. 

1. With regards to claims 1, 11 and 21, Coss teaches through Minear, a
computerized method for automatically configuring a firewall operating within an
individual computer comprising: determining a zone for a network address
dynamically assigned to a network adapter in the individual computer; and
associating a security policy, for the zone with the network adapter, the security
policy specifying the firewall configuration to protect the individual computer;
wherein the security policy is defined by a policy file which includes a policy file
data structure stored as an XML (extensible markup language) document;
wherein a security policy section of the policy file data structure includes an entry
for each security policy that is identified by a policy identifier field and is
associated with a network protocol that is identified by a protocol identifier field;
wherein the security policy section specifies filters for at least a portion of ports
and services defined by the network protocol, and each port and service
associated with the security policy is identified by an element identifier field, a
field containing filter settings, and a log indicator field; wherein at least one
security policy is included for a TCP/IP network and includes a PPTP
(point-to-point tunneling protocol), a RIP (routing information protocol), a DHCP
(dynamic host configuration protocol), an ARP (address resolution protocol), an
Ident (identification protocol), ICMP (internet control message protocol) and VPN
(virtual private networking) ports, and a NetBIOS (network basic input/output
system) service; wherein a default setting for a high security policy on the TCP/IP
network disallows incoming network traffic through the PPTP and ICMP ports,
allows incoming network traffic through the RIP, DHCP, ARP and VPN ports,
disallows access through the NetBIOS service to shared resources on the
individual computer, and disallows the individual computer from using shared
resources of other computers on the TCP/IP network, where incoming network
traffic that attempts to access the individual computer using PPTP and NetBIOS
is logged; wherein a zone section of the policy file data structure includes an
entry for each defined address zone and includes an identifier field, an address
parameters field that defines the zone, and an identifier field for the security
policy assigned to the zone; wherein a default zone is defined by addresses that
are outside another zone

(Coss teaches a firewall design. The design disclosure features domain
selection for an interface, such as a NIC (column 6, lines 53-61 and column 7, 
lines 9-11, lines 53-67, Coss) (equivalent to the claimed determining zone trait). 
The Coss design also features mapping policies to the NIC (column 7, lines 53- 
67, Coss). Plus, the design has configurable security policies (column 4, lines 
17-32, Coss). In addition the design features processes executed from memory 
to protect by filtering data based upon security policies (column 6, lines 49-67, 
Coss). However, much is not said regarding which protocols are covered by the 
policies. 

Minear also teaches a firewall design. The design makes use of policies 
which act upon a plurality of protocols (claim 8, Minear). The security policies
forward data (filter) based upon the protocol at hand. 

Both Coss and Minear teach firewall designs. Thus, it would have been 
obvious to one skilled in the art, during the time of the invention, to have 
combined the teachings of Coss with those of Minear, to provide "a method for
regulating the flow of messages through a firewall having a network protocol 
stack..." (column 2, lines 51-54, Minear)). 
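
An added illustration, not part of the Office action or of either cited patent: one way the policy file recited in claim 1 could be laid out and used to choose a policy for a dynamically assigned adapter address. The XML element names, attribute names and filter keywords are hypothetical; only the field set and the high-security defaults come from the claim language quoted above.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Constructed policy file. Element/attribute names and filter keywords are
# hypothetical; fields and the "high" defaults follow claim 1 as quoted.
POLICY_XML = """
<policyfile>
  <policies>
    <policy id="high" protocol="tcpip">
      <element id="PPTP" filter="deny-in" log="yes"/>
      <element id="ICMP" filter="deny-in" log="no"/>
      <element id="RIP" filter="allow-in" log="no"/>
      <element id="DHCP" filter="allow-in" log="no"/>
      <element id="ARP" filter="allow-in" log="no"/>
      <element id="VPN" filter="allow-in" log="no"/>
      <element id="NetBIOS" filter="deny-share-in,deny-share-out" log="yes"/>
    </policy>
    <policy id="medium" protocol="tcpip"><element id="ICMP" filter="allow-in" log="no"/></policy>
  </policies>
  <zones>
    <zone id="office" addresses="10.20.0.0/16" policy="medium"/>
    <zone id="default" addresses="*" policy="high"/>
  </zones>
</policyfile>
"""

def load_policy_file(xml_text):
    """Parse the policy and zone sections; fail closed on dangling references."""
    root = ET.fromstring(xml_text)
    policies = {
        p.get("id"): {e.get("id"): (e.get("filter").split(","), e.get("log") == "yes")
                      for e in p.findall("element")}
        for p in root.find("policies")
    }
    zones = []
    for z in root.find("zones"):
        if z.get("policy") not in policies:
            raise ValueError(f"zone {z.get('id')!r} references an undefined policy")
        spec = z.get("addresses")
        nets = None if spec == "*" else [ipaddress.ip_network(n) for n in spec.split(",")]
        zones.append((z.get("id"), nets, z.get("policy")))
    if not any(nets is None for _, nets, _ in zones):
        raise ValueError("policy file defines no default zone")
    return policies, zones

def zone_for_address(address, zones):
    """Return (zone id, policy id); addresses outside every other zone get the default."""
    ip = ipaddress.ip_address(address)
    for zone_id, nets, policy_id in zones:
        if nets and any(ip in n for n in nets):
            return zone_id, policy_id
    return next((z, p) for z, nets, p in zones if nets is None)

def configure_adapter(address, xml_text=POLICY_XML):
    """Run again whenever the adapter's address changes (e.g. a new DHCP lease)."""
    policies, zones = load_policy_file(xml_text)
    zone_id, policy_id = zone_for_address(address, zones)
    return zone_id, policy_id, policies[policy_id]
```
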

2. With regards to claims 2, 12 and 24, Coss teaches through Minear, the
computerized method further comprising: determining the network address
assigned to the network adapter

(Coss's design allows for the determination of the NIC's address (column 6,
lines 58-61 and column 7, lines 2-4, Coss). However, much is not said regarding 
which protocols are covered by the policies. 

Minear also teaches a firewall design. The design makes use of policies 
which act upon a plurality of protocols (claim 8, Minear). The security policies 
forward data (filter) based upon the protocol at hand. 

Both Coss and Minear teach firewall designs. Thus, it would have been 
obvious to one skilled in the art, during the time of the invention, to have 
combined the teachings of Coss with those of Minear, to provide "a method for
regulating the flow of messages through a firewall having a network protocol 
stack..." (column 2, lines 51-54, Minear)). 

3. With regards to claims 3, 18 and 25, Coss teaches through Minear, the
computerized method wherein the zone is defined by a set of network addresses 
(Coss's design allows the domain selection (zone selection) to be defined by 
addresses (column 6, lines 47-67 and column 7, lines 1-4, 61-67, Coss). 
However, much is not said regarding which protocols are covered by the policies. 

Minear also teaches a firewall design. The design makes use of policies 
which act upon a plurality of protocols (claim 8, Minear). The security policies 
forward data (filter) based upon the protocol at hand. 

Both Coss and Minear teach firewall designs. Thus, it would have been 
obvious to one skilled in the art, during the time of the invention, to have
combined the teachings of Coss with those of Minear, to provide "a method for
regulating the flow of messages through a firewall having a network protocol 
stack..." (column 2, lines 51-54, Minear)). 

4. With regards to claims 4, 19, and 26, Coss teaches through Minear, the 
computerized method wherein the set of network addresses comprises at least 
one address within the zone 

(Coss teaches that the set of addresses comprises at least one address 
within the zone (column 7, lines 2-4, Coss). However, much is not said regarding 
which protocols are covered by the policies. 

Minear also teaches a firewall design. The design makes use of policies 
which act upon a plurality of protocols (claim 8, Minear). The security policies 
forward data (filter) based upon the protocol at hand. 

Both Coss and Minear teach firewall designs. Thus, it would have been 
obvious to one skilled in the art, during the time of the invention, to have 
combined the teachings of Coss with those of Minear, to provide "a method for
regulating the flow of messages through a firewall having a network protocol 
stack..." (column 2, lines 51-54, Minear)). 

5. With regards to claims 5, 20 and 27, Coss teaches through Minear, the
computerized method wherein the set of network addresses comprises at least
one address outside the zone

(Coss's design allows for the handling of at least one address outside the
zone (column 7, lines 61-67, Coss). However, much is not said regarding which 
protocols are covered by the policies. 

Minear also teaches a firewall design. The design makes use of policies 
which act upon a plurality of protocols (claim 8, Minear). The security policies 
forward data (filter) based upon the protocol at hand. 

Both Coss and Minear teach firewall designs. Thus, it would have been 
obvious to one skilled in the art, during the time of the invention, to have 
combined the teachings of Coss with those of Minear, to provide "a method for
regulating the flow of messages through a firewall having a network protocol 
stack..." (column 2, lines 51-54, Minear)). 

6. With regards to claims 6, 13, and 28, Coss teaches through Minear, the 
computerized method further comprising: assigning the security policy to the 
zone 

(Coss's design allows for the policies to be applied to zones (column 6, lines 
48-61, Coss). However, much is not said regarding which protocols are covered
by the policies. 

Minear also teaches a firewall design. The design makes use of policies 
which act upon a plurality of protocols (claim 8, Minear). The security policies 
forward data (filter) based upon the protocol at hand.

Both Coss and Minear teach firewall designs. Thus, it would have been 
obvious to one skilled in the art, during the time of the invention, to have 
combined the teachings of Coss with those of Minear, to provide "a method for
regulating the flow of messages through a firewall having a network protocol 
stack..." (column 2, lines 51-54, Minear)). 

7. With regards to claims 7, 14 and 29, Coss teaches through Minear, the
computerized method further comprising: retrieving the policy file that contains 
definitions for the zone and the security policy and specifies that the security 
policy is assigned to the zone 

(Coss's design features zone specific policies (column 9, lines 6-9, Coss). 
However, much is not said regarding which protocols are covered by the policies. 

Minear also teaches a firewall design. The design makes use of policies 
which act upon a plurality of protocols (claim 8, Minear). The security policies 
forward data (filter) based upon the protocol at hand. 

Both Coss and Minear teach firewall designs. Thus, it would have been 
obvious to one skilled in the art, during the time of the invention, to have 
combined the teachings of Coss with those of Minear, to provide "a method for
regulating the flow of messages through a firewall having a network protocol 
stack..." (column 2, lines 51-54, Minear)).

8. With regards to claims 8, 15 and 30, Coss teaches through Minear, the
computerized method further comprising: creating the policy file from data input 
by a user 

(Coss's design allows for user specified policies (column 4, lines 17-19 and 
column 11, lines 3-7, Coss). However, much is not said regarding which
protocols are covered by the policies. 

Minear also teaches a firewall design. The design makes use of policies 
which act upon a plurality of protocols (claim 8, Minear). The security policies 
forward data (filter) based upon the protocol at hand. 

Both Coss and Minear teach firewall designs. Thus, it would have been 
obvious to one skilled in the art, during the time of the invention, to have 
combined the teachings of Coss with those of Minear, to provide "a method for
regulating the flow of messages through a firewall having a network protocol 
stack..." (column 2, lines 51-54, Minear)). 

9. With regards to claims 9, 16 and 31, Coss teaches through Minear, the 
computerized method further comprising: creating the policy file from data input 
by an administrator 

(Coss's design allows for administrator edited policies (column 4, lines 17-19, 
Coss). However, much is not said regarding which protocols are covered by the 
policies. 



Application/Control Number: 09/803,527

Art Unit: 2145 

Minear also teaches a firewall design. The design makes use of policies 
which act upon a plurality of protocols (claim 8, Minear). The security policies 
forward data (filter) based upon the protocol at hand. 

Both Coss and Minear teach firewall designs. Thus, it would have been 
obvious to one skilled in the art, during the time of the invention, to have 
combined the teachings of Coss with those of Minear, to provide "a method for
regulating the flow of messages through a firewall having a network protocol 
stack..." (column 2, lines 51-54, Minear)). 

10. With regards to claims 10, 17 and 32, Coss teaches through Minear, the 
computerized method further comprising: receiving data from a predetermined 
location on the network through the network adapter; and creating the policy file 
from the data 

(Coss's design allows for the downloading of policies (column 9, lines 6-9, 
Coss). However, much is not said regarding which protocols are covered by the 
policies. 

Minear also teaches a firewall design. The design makes use of policies 
which act upon a plurality of protocols (claim 8, Minear). The security policies 
forward data (filter) based upon the protocol at hand. 

Both Coss and Minear teach firewall designs. Thus, it would have been 
obvious to one skilled in the art, during the time of the invention, to have 
combined the teachings of Coss with those of Minear, to provide "a method for
regulating the flow of messages through a firewall having a network protocol
stack..." (column 2, lines 51-54, Minear)). 



11. With regards to claim 23, Coss teaches through Minear, the system wherein the
firewall configuration process is executed by the processing unit when the 
network address for the network adapter changes 

(Coss's design allows policies to compensate for address changes (column 7, 
lines 41-45, Coss). However, much is not said regarding which protocols are 
covered by the policies. 

Minear also teaches a firewall design. The design makes use of policies 
which act upon a plurality of protocols (claim 8, Minear). The security policies 
forward data (filter) based upon the protocol at hand. 

Both Coss and Minear teach firewall designs. Thus, it would have been 
obvious to one skilled in the art, during the time of the invention, to have 
combined the teachings of Coss with those of Minear, to provide "a method for
regulating the flow of messages through a firewall having a network protocol 
stack..." (column 2, lines 51-54, Minear)). 



Response to Remarks 

The amendment received June 1, 2005 has been reviewed but is not deemed 
fully persuasive. The independent claims are now amended with traits (while not 
exactly the same traits, but similar) that were previously restricted upon. However, after
closer examination, it has been determined that the traits simply refer to responses
enforced by policies dependent upon protocols. In response to the amended claims, 
the examiner has provided an additional prior art disclosing that designs did exist which 
enforced policies dependent upon protocols. 



Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Azizul Choudhury whose telephone number is (571) 
272-3909. The examiner can normally be reached on M-F. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Valencia Martin-Wallace can be reached on (571) 272-6159. The fax phone 
number for the organization where this application or proceeding is assigned is 703- 
872-9306. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 



AC